Expert warns Brits they will have to 'pay millions' for digital ID

The UK government has recently announced plans to introduce a digital ID system nationwide, with Prime MinisterSir Keir Starmer stating that the move will make the country's borders "more secure." While these digital IDs won't need to be carried every day, they will be mandatory for anyone seeking employment within the UK. The government intends to roll out the scheme before the next general election in August 2029. Countries like Estonia have already implemented digital ID systems.

These digital IDs will serve as proof of a person's right to live and work in the UK. The system will operate via a mobile app, similar to the NHS App or digital banking cards, and will contain details such as residency status, name, date of birth, nationality, and a photograph. The government's rationale is to crack down on illegal immigration by making it harder for those without proper status to secure jobs, an approach ministers argue targets a key factor that draws migrants to the UK illegally. However, the move has also been met with opposition.

Conservative Party leader Kemi Badenoch expressed that while there are "arguments for and against" it, the matter "requires a proper national debate." Outside the Labour Party conference in Liverpool, protesters also carried signs saying "No to digital ID," warning it could lead to increased surveillance and marginalisation of vulnerable groups. Civil rights groups like Big Brother Watch have written to the Prime Minister urging him to scrap the plan, and more than 2.8 million people have also signed a petition to scrap the digital ID scheme on the UK Parliament website.

The Express has exclusively interviewed experts in the field at the Global Cybersecurity Forum in Dubai to understand the implications of the government's digital ID plans.

Professor William Dutton, Founding Director at the Oxford Internet Institute at Oxford University told the Express that the digital ID poses a "risk to privacy and security." He revealed exclusively to the Express that he has written saying that he does not approve such a system.

The expert argued that the UK government claims good intentions with the digital ID system, but he believes it's unnecessary. He points out that current systems like healthcare records, driver's licenses, and facial recognition already make individuals easily identifiable, making a separate digital ID redundant.

He said: "There have been over three decades British politicians have been trying to introduce ID cards in one form or another, and now the digital ID card or the RIP card is the latest iteration of that. I don't know why the Labour Party has been obsessed with this for decades. I usually agree with many of their policies, but not this.

"An ID card creates an identification of an individual and it's likely to create a database about that individual. It's being argued that it's going to be limited to whether they have the right to work or not but these kinds of applications have a great deal of mission creep and also data creep so that they can continue.

"If we only need to determine whether a person has the right to work, I would bet dollars to donors that this ID card will have biometric identification data, all sorts of data that is not relevant to necessarily whether they have the right to work. If you have a card that has a very focused target, the right to work, you should collect the minimum amount of information necessary to determine if they have that right, and I think a digital ID card goes way beyond that."

Prof Dutton emphasised that the digital ID system would come at a significant financial cost for Brits.

He said: "The cost is going to be enormous, and it'll be a free card. It's publicised as it's going to be a free ID card, free to the person who has the card, but the public's going to have to pay millions for this. It's going to be one of these big projects that might not succeed. Those are the principal reasons why I would go against it. It's not necessary and it's a new security risk."

Craig Jones, Former Cyber Director at INTERPOL, on the other hand, said he supports digital ID systems, provided they are implemented with clear checks, balances, and strong accountability mechanisms.

He told the Express: "I am supportive of such a scheme, but it has to come with very clear checks and measures, and this is where roles of the information commissioner's office, for example, are really important."

He pointed out that the UK already uses forms of digital ID through services like government portals for tax and insurance. However, a fully government-backed digital ID system would be more comprehensive. He highlighted Estonia as a successful example, where digital IDs are integrated across healthcare, libraries, insurance, and taxes, making public services more efficient and secure.

Craig Jones supports the digital ID but only if it includes strong data protection measures, legal responsibility for security, and real consequences for misuse or breaches. He recognised that others may have valid reservations, especially around privacy and state surveillance, but his view is that with the right checks and balances, the digital ID can be a positive step.

He also used Singapore as an example. He's lived there for five years and they have a successful digital system there as well.

Arnaud Taddei, Global Security Strategist at Enterprise Security Group at Broadcom also supports the digital ID and said there needs to be safeguards. While he is entrusted by the UK government as a Swiss citizen he has actually voted in favour of a digital ID just the other week where they had an election for it.

He said: "We need to have somebody to give us the possibility for a digital identity trust, and I understand the debate about privacy and non-privacy and security and all that but at some point, who else could do this? So you have two choices: either you give your hands to a corporate company, let's say a hyperscaler, or you give it to a state nation. In either way, you will have drawbacks.

"Security as a whole system cannot be proven so you can propose the best that you can, you can propose many, many solutions, there are plenty of controls you could apply. For example, here, you could think, of course, perhaps we want to have a distributed identity system. We want to have specific controls here and there, but that will never remove completely the risk that people can have on such systems. I think that we have to take this risk. That's my position."